Hi, While implementing (stricter) firewall rules I noticed weird behaviour. For the monitors only port 6789 was allowed. We currently co-locate the manager daemon with our monitors. Apparently (at least) port 6800 is also essential. In the Network Configuration Reference [1] there is no mention of the iptables rules needed for the manager. The figure depicting request / response within / between the client / nodes in the network does not yet describe interaction with manager. Do you need to open up port 6800(:7300?) completely, or is it enough to only allow traffic between manager(s) <-> monitor(s)? Gr. Stefan P.s. How can one contribute to the documentation? [1]: http://docs.ceph.com/docs/luminous/rados/configuration/network-config-ref/ -- | BIT BV http://www.bit.nl/ Kamer van Koophandel 09090351 | GPG: 0xD14839C6 +31 318 648 688 / info@xxxxxx _______________________________________________ ceph-users mailing list ceph-users@xxxxxxxxxxxxxx http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
 |